c76302831c3f9dc15bb7a24135c04f9e1eabc6ac573f8970f4f3e96f18b2f695

Sharing

Copy URL Twitter E-mail

General

Target

c76302831c3f9dc15bb7a24135c04f9e1eabc6ac573f8970f4f3e96f18b2f695
Size

329KB
MD5

a3db9a65842fdd2a8a054993e7c4ebc3
SHA1

86efd99bb6d4a3d87eaec685294c190edaf8067c
SHA256

c76302831c3f9dc15bb7a24135c04f9e1eabc6ac573f8970f4f3e96f18b2f695
SHA512

7f67394ae8a0fd4ba63a8a56d770c4f4268e7e8694e2675d3000b6d32806f2c744dd0ae48b91bab224c4d7a52c1d957524d6e20a870bbaaef3378bcb6d6bfcc6
SSDEEP

6144:0zyMfrPISbZEXJD8URsx5uKrYNnCMfBf/bPjl2MhqRU7ta2xNCQNGnm2:8XfrASbZyJwUyzuKr8DfBDJ2gZa6NCQ6

Score

N/A

Malware Config

Signatures

Files

c76302831c3f9dc15bb7a24135c04f9e1eabc6ac573f8970f4f3e96f18b2f695
.exe windows x86

29aaf31a0f1e4f4b0eb95b3504faad64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msdart

?WriteLock@CReaderWriterLock@@QAEXXZ
?ReadOrWriteLock@CSpinLock@@QAE_NXZ
?BucketSize@CLKRHashTableStats@@SGJJ@Z
?InsertTail@CLockedDoubleList@@QAEXQAVCListEntry@@@Z
?WriteUnlock@CReaderWriterLock3@@QAEXXZ
?_InsertThisIntoGlobalList@CLKRHashTable@@AAEXXZ
FXMemAttach
??1CReaderWriterLock2@@QAE@XZ
?_RemoveThisFromGlobalList@CLKRLinearHashTable@@AAEXXZ
?ReadUnlock@CLKRHashTable@@QBEXXZ
?IsWin9x@CMdVersionInfo@@SAHXZ
?_SubTable@CLKRHashTable@@ABEPAVCLKRLinearHashTable@@K@Z
?ReadLock@CLKRLinearHashTable@@QBEXXZ
?IsWriteUnlocked@CReaderWriterLock@@QBE_NXZ
?ConvertSharedToExclusive@CFakeLock@@QAEXXZ
?ReadOrWriteLock@CFakeLock@@QAE_NXZ
?sm_dblDfltSpinAdjFctr@CReaderWriterLock@@1NA
?SetDefaultSpinAdjustmentFactor@CFakeLock@@SGXN@Z

msvcirt

?precision@ios@@QBEHXZ
??0fstream@@QAE@HPADH@Z
??_7stdiostream@@6B@
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
??0Iostream_init@@QAE@AAVios@@H@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
??1istream_withassign@@UAE@XZ
?blen@streambuf@@IBEHXZ
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
??4iostream@@IAEAAV0@AAV0@@Z
??0exception@@QAE@XZ
??0strstream@@QAE@ABV0@@Z
??4istrstream@@QAEAAV0@ABV0@@Z
??4istream_withassign@@QAEAAV0@ABV0@@Z
?precision@ios@@QAEHH@Z
??5istream@@QAEAAV0@AAE@Z
?egptr@streambuf@@IBEPADXZ
??Bios@@QBEPAXXZ
??_8ostream_withassign@@7B@
?xsgetn@streambuf@@UAEHPADH@Z
??1ostrstream@@UAE@XZ
??0streambuf@@IAE@XZ
??0fstream@@QAE@PBDHH@Z
??1ios@@UAE@XZ
??_Dostrstream@@QAEXXZ

ws2_32

WSAAsyncGetServByName
getservbyname
WSARecvDisconnect
WSAEnumProtocolsA
WSALookupServiceNextW
recvfrom
ntohl
WSAAsyncSelect
getsockopt
WSCEnableNSProvider
WSARecvFrom
ntohs
WSAAsyncGetProtoByName
htons
WSCGetProviderPath
WSANSPIoctl
WSAGetServiceClassNameByClassIdA
gethostbyname
WSAEnumNameSpaceProvidersW
__WSAFDIsSet
WSAAccept
WSAAsyncGetProtoByNumber
WSASetServiceA
WEP
WSAInstallServiceClassW

ole32

CoGetMarshalSizeMax
OleCreateLinkToFileEx
OleGetClipboard
OleInitialize
CoGetObjectContext
OleGetIconOfClass
PropVariantChangeType
SetConvertStg
DllGetClassObjectWOW
OleGetIconOfFile
HENHMETAFILE_UserFree
CoTestCancel
HWND_UserFree
OleInitializeWOW
GetDocumentBitStg
CoGetInterceptor
HMETAFILE_UserMarshal
HMETAFILEPICT_UserSize
STGMEDIUM_UserSize
HICON_UserFree
CLIPFORMAT_UserFree
WriteClassStm
OpenOrCreateStream
HMETAFILE_UserUnmarshal
OleCreateMenuDescriptor

kernel32

GetSystemPowerStatus
GlobalGetAtomNameW
GetNamedPipeHandleStateA
GetProcessShutdownParameters
IsDBCSLeadByte
PulseEvent
GetUserDefaultLCID
GetConsoleNlsMode
ExitVDM
GetCurrentThread
WriteConsoleInputVDMW
VirtualAlloc
LoadLibraryA
CreateFileMappingA
GetSystemDefaultLCID
GetConsoleOutputCP
SetLastError
FillConsoleOutputAttribute
WaitNamedPipeW
GetStartupInfoA
GetStringTypeExA
QueryPerformanceCounter
OutputDebugStringW
ProcessIdToSessionId
SetVolumeMountPointA
GetConsoleInputExeNameW
_lread
lstrcmpiW

advapi32

SetSecurityDescriptorGroup
IsWellKnownSid
ComputeAccessTokenFromCodeAuthzLevel
CredIsMarshaledCredentialA
LookupPrivilegeNameA
LsaSetInformationPolicy
ConvertAccessToSecurityDescriptorA
ReportEventW
ObjectCloseAuditAlarmA
CryptDestroyKey
CryptEncrypt
CryptAcquireContextW
SystemFunction004
BuildTrusteeWithObjectsAndSidW
RegNotifyChangeKeyValue
OpenSCManagerA
RegDisablePredefinedCache
SaferIdentifyLevel
SystemFunction010
CryptSetKeyParam

Sections

.text
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29aaf31a0f1e4f4b0eb95b3504faad64

Headers

File Characteristics

Imports

msdart

msvcirt

ws2_32

ole32

kernel32

advapi32

Sections

.text Size: 274KB - Virtual size: 273KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 372KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 274KB - Virtual size: 273KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 372KB

.rsrc
Size: 16KB - Virtual size: 16KB